cfa256464e
This addresses CVE-2017-18342. I doubt anyone is actually using an old version of PyYAML with oslo.config at this point, but that means it shouldn't hurt to bump the minimum either. Change-Id: I4f440eb9511333ce70db4184857dcbcdd0ed1b97 Closes-Bug: 1839398
13 lines
465 B
Plaintext
13 lines
465 B
Plaintext
# The order of packages is significant, because pip processes them in the order
|
|
# of appearance. Changing the order has an impact on the overall integration
|
|
# process, which may cause wedges in the gate later.
|
|
|
|
debtcollector>=1.2.0 # Apache-2.0
|
|
netaddr>=0.7.18 # BSD
|
|
stevedore>=1.20.0 # Apache-2.0
|
|
oslo.i18n>=3.15.3 # Apache-2.0
|
|
rfc3986>=1.2.0 # Apache-2.0
|
|
PyYAML>=5.1 # MIT
|
|
requests>=2.18.0 # Apache-2.0
|
|
importlib_metadata>=1.7.0;python_version<'3.8' # Apache-2.0
|